Our Wicket 1.5 application has lots of links for different tasks. We have a requirement that links our application generates have to be unique (and non-bookmarable).
How can we achieve this?
By default every link is not bookmarkable as it contains the Page Version Id and is tied to a specific session.
Edit: Bookmarkable Links and Stateless Pages beeing the exceptions of this rule. Don't use them and you're safe.
2nd Edit: To make sure, there are no valid URLs from another session that work in a current session, you could add some unique value to your links by using or implementing a MountMapper as generally described here. This mapper could include a variable from the current websession as a parameter and check for that value when reading an URL...
Related
How can i get the page URL in single-approver-definition.xml in the e-mail template that is used to send an e-mail to the content creator once the reviewer approves or rejects the submission. The existing xml is as follows:
<template>
Your submission has been reviewed and the reviewer has applied the following:
${taskComments}.
</template>
I tried ${serviceContext.getAttribute("contentURL")} and it didn't work.
I want to be able to do - Your submission for ${pageURL} has been reviewed and the reviewier has applied the following: \n ${taskComments}.\n
Any suggestions will be appreciated.
I don't get what variable exactly you want to process in your notification. As I can only assume, you are using it for Web Contents and all interesting variables are stored in two places.
Workflow context variables - they are available directly. Few examples like:
${taskComments}
${entryType}
${userId}
${userName}
...
ServiceContext variables - they are available using $serviceContext. Few examples:
$serviceContext.getAttributes().get("version")
$serviceContext.getAttributes().get("articleId")
${serviceContext.getPortalURL()}
...
For all interesting variables check this url https://www.liferay.com/web/igor.beslic/blog/-/blogs/workflow-in-action-kaleo-workflow-context-variables Some could change already, however most of them is working fine for current version.
Content changes might be made on a page, they can also be triggered through Control Panel (or the API for that matter). When you're in a workflow, you typically don't have this context any more - if you find it somehow I'd not rely on it to be there. A workflow is unrelated to the UI and pages.
Also, an article might be submitted on one page, where it might be replaced/removed before it's even approved. In that case the link wouldn't help.
What might work is to check the concept behind "Web Content Display Pages" (if your article has them configured and you deal with web content). But the mechanics will vary depending on the actual content type you're dealing with. And content that goes through workflow might not be displayed on any page at all (e.g. when submitted through Control Panel) or on many different pages (either explicitly - Web Content Display - or implicitly - Asset Publisher).
#tomic basically provides pointers to what you have, I'm only reasoning why your initial problem is problematic to solve at best - it's not fully specifiable.
In multitenant application instance is created once the namespace is set when other user tries to access the app through different instance actions are performed excepts from entries having common name.
Example: if i log into app with namespace country1 and then try to login with country2 user from country2 and country 1 who have same key say john when tries to login its credentials are checked with as of country1 hence it gives wrong password.
If tried to login by user which is only in country2 login is success but now if comman key are searched they give result that of country1
Overall once one namespace is set search command give result in favor of namespace which was set earlier.Instead of namespace who should give results independent of each other.
thanks in advance.any help is appreciated.
Can you provide more details or perhaps share some code here? Where are you setting the namespace?
In general, you need to set the namespace as soon as you get a request. If you are using Java, for example, you should do that using a Filter. After setting the namespace, all requests operations are going to use this namespace seamlessly. I don't understand why would you need to change that, but if you really need to do that, I don't see a problem... although you should be really careful because this approach may lead to a very confusing and buggy situation.
I think the namespace definition is valid only for a single request, so you should have a mechanism to redefine it every single time.
cheers!
In my application i have a scenario of superadmin who can view all namespaces hence i need to set them according to request. My issue is resolved now as I was setting namespace after calling getPersistentManger() so it was causing the problem, after shifting NamespaceManger.set at first line of call, and then calling persistent manager, application is working fine:)
I am a beginner in the world of ACL coding.I have no prior knowledge of filters and other concepts and cannot learn that because of time constraints.So I found an alternative way to implement ACL.
I have only 3 users suppose user,admin and sys.
So I just create jsp pages starting with the respective user types and the name of the page.
eg:- "userCheckStatus.jsp" and "sysCreateUser.jsp"
And then i check whether the usertype which is stored in the session matches with the respective page the user is trying to access. I just want to know that is this a good practise and will it provide me with the thing which I am trying to achieve. If not then what is lacking in the above method and please advise me for the same.
Thanks in advance!!!
Your approach may work. One drawback is if you change your mind and you will want to give access rights to another user or introduce new role, you will have to rewrite it completely. For example you will have to find all references to that jsp and fix the links. If user bookmarked the jsp, it will be not found anymore. Some kind of indirection (mapping access to jsp in configuration file) would be better.
Standard servlet security is not so hard to try. See Oracle documentation. The good news is that servlet API has direct support for it.
I have been developing an AJAX web application using GWT. I've read several blogs and forums about this question and left with no clear idea. I understand that GWT is an AJAX application, that supports only stand-alone web application. By stand-alone, I meant GWT to be a single web page that would suffice the user requirements. However the use case I have is pretty complex and I'm stuck in this use case that doesn't let me proceed.
My usecase(s) goes like this:
Usecase #1: There is an order entry form where user will enter a search string to search for a particular item. With GWT, I could display the result in a table (say celltable). However, when I click a column in the cellTable, I want the value of the column to be sent to the server and display another page that will display only the details of the selected column. I'm not sure how to accomplish this.
Usecase #2: Let's say the web application I develop is called "InventoryControl" and I have different requirements such as:
display Available stock
display Order stock
display Manufactured unit
and Using Java servlets, I could just type http://localhost/availableStock?stockId=1234 on my browser to get the "Display available stock" for the given stockId and then http://localhost:orderStock?stockId=1234 to get the "display order stock" and similarly "display manufactured unit". Is the same possible using GWT? i.e. when I type http://localhost/availableStock?stockId=1234, is it possible to read the parameter being passed and then display the corresponding page?
If these are not meant to be guaranteed by GWT, should I stick with Plain old JAVA servlets/JSP?
Thanks in advance.
Ashok - Please note, what filip suggests above does not require multiple "pages" in the sense of additional html host pages. You can build a panel holding your display of the details, and swap it into the rootpanel of your host in the onSuccess() of your rpc call. The GWT history mechanism allows you to assign anchors to these "places" and provide a mechanism to map these anchors to specific display classes in your code.
GWT already has a mechanism for handling multiple page applications. Have a look at Activities and Places. You can define each page as a place in your application, and use the GWT mechanism to go from place to place at any time. Using places also allows you to easily add tokens/query parameters to each "page", in an OO manner, without having to worry about populating/querying the URL directly. Have a good read of the link!
I have a Java web application which stores some data in the session. The data in the session changes as the user interacts with the application (e.g. flow is managed by a controller, each controller has several form pages, on each form page some data is updated in the session and flow goes to the next form page).
The problem is that some users are opening more than one tab to the application, each tab with a different step in the flow. At this point data in the session is messed up since the tabs share the same session (app uses cookie managed sessions).
Telling the users to use different browsers to avoid sharing the same session id (e.g. one Firefox window and one IE window) is not an option since surely at some point somebody will forget to do this and instead use tabs, thus messing up their data.
Adding some verifications that detect that another flow is requested from another tab and display a message to the user saying this is not allowed is not an option either since it pisses of the users and we don't want that do we? :D
The fact is that using another tab is useful for the users because they are more efficient in what they use the application for, so I am keeping this option. But the question now is how best to manage the one session data for the more tabs?
What I thought of, was to have the controller generate a token when it starts the flow and pass this token to each form page which in turn sends it back to identify itself. If another tab requests the same controller action when there is an ongoing flow then generate another token and pass that around.
Basically, I want each flow to have a token and inside the session I won't just keep one set of data but have a set of data for each token and then match requests based on the token.
Now the problem is that this approach will need a lot of rewritings to the application and I was wondering if there is a best practice for managing such a situation or can someone suggest other approaches. I am open to ideas.
Have you encountered this situation? How did you handle it?
This is usually done by assigning a windowId for each tab/window and passing it on each request. Jsf supports this via orchestra. Spring mvc will support it in the next version.
I recently needed this for a simple case, so I implemented it myself. Took half an hour. However, my scope was very limited:
pass a windowId with each request, and return it back for the next request. The first time - generate it.
for any attribute you want to store in the session, put a Map<String, Object> where the key is the windowId
This is exactly what Seam was created to handle. In Seam there's a concept called a Conversation which basically does exactly what you are explaining. Conversations are basically are a way to divide the Session into many pieces that can expire at some timeout. You can look at the source code for org.jboss.seam.core.Manager class to see how it's actually implemented and get inspired ;)
Depending on the complexity of your application, you may want to investigate implementing tabs within your application. This gives you wholesale control over the flow, while still providing users with the functionality they want. I'd argue it's, bugwise, the most robust solution, since you won't have a dependency on the way the browser handles sessions, minimising the number of "known unknowns".
Of course, there'll be potentially a large upfront cost to this, depending on how your application is structured. Without more information about your app, you're the best placed person to decide.
You can also try to wrap your application inside Adobe Air
And then limit your web application to be only accessable from this air. By doing this you dont need to consider the web browser fragmentation and their unique behaviour.